Page | 1
ITN 262 Midterm Questions with
Detailed Verified Answers
Question: Anonymous is an example of what kind of agent?
Ans: threat
Question: True or False? Modus operandi applies only to criminal orginzations
Ans: false
Question: True or False? Victims can protect themselves against zero-day
attacks.
Ans: false
Question: True or False? The term "security theater" refers to security
measures intended to make potential victims feel safe and secure without
regard to their effectiveness.
Ans: False
Question: True or False? A supervisory control and data acquisition (SCADA)
device is a computer that controls motors, valves, and other devices in
industrial applications
, Page | 2
Ans: true
Question: When disclosing a security vulnerability in a system or software, the
manufacturer should avoid:
Ans: ncluding enough detail to allow an attacker to exploit the
vulnerability
Question: A security analyst is performing a security assessment. The analyst
should not
Ans: take actions to mitigate a serious risk
Question: Desktop malware may not represent a direct threat to ________- or
PLC-based equipment, but practical attacks exist on these systems.
Ans: SCADA
Question: Car ignition locks are an example of what type of decision?
Ans: Rule-based decisions
Question: True or False? Once we have filled in the attack likelihoods and
impacts, we compute the significance by multiplying these values together.
Ans: true
Question: Both forms of the RMF illustrate a(n) _______ engineering process
as a way to plan, design, and build a complicated system
ITN 262 Midterm Questions with
Detailed Verified Answers
Question: Anonymous is an example of what kind of agent?
Ans: threat
Question: True or False? Modus operandi applies only to criminal orginzations
Ans: false
Question: True or False? Victims can protect themselves against zero-day
attacks.
Ans: false
Question: True or False? The term "security theater" refers to security
measures intended to make potential victims feel safe and secure without
regard to their effectiveness.
Ans: False
Question: True or False? A supervisory control and data acquisition (SCADA)
device is a computer that controls motors, valves, and other devices in
industrial applications
, Page | 2
Ans: true
Question: When disclosing a security vulnerability in a system or software, the
manufacturer should avoid:
Ans: ncluding enough detail to allow an attacker to exploit the
vulnerability
Question: A security analyst is performing a security assessment. The analyst
should not
Ans: take actions to mitigate a serious risk
Question: Desktop malware may not represent a direct threat to ________- or
PLC-based equipment, but practical attacks exist on these systems.
Ans: SCADA
Question: Car ignition locks are an example of what type of decision?
Ans: Rule-based decisions
Question: True or False? Once we have filled in the attack likelihoods and
impacts, we compute the significance by multiplying these values together.
Ans: true
Question: Both forms of the RMF illustrate a(n) _______ engineering process
as a way to plan, design, and build a complicated system
